Trophy.md


🏆 Bugs & CVEs

The showcase of bugs and CVEs found by UTopia-based fuzzers serves a variety of purposes:

  • Show the effect of the fuzzing automation approach (i.e., UTopia can help find more bugs in projects that are already registered in OSS-Fuzz and are being fuzz tested there)
  • Provide insight into making unit tests that can work well with UTopia (i.e., fuzzing-friendly unit tests)
  • Increase the visibility of various fuzz drivers so that people can learn or improve fuzz driver composition strategies

Note that the merged fuzz drivers are different from the original ones generated by UTopia because they are reviewed and modified by the community.

| Project | Bugs or CVEs | Category | Fuzzer |
|---|---|---|---|
| OpenCV | #21947 | bof | readnetfromtensorflow_fuzzer.cc |
| OpenCV | #21852 | bof | readnetfromtensorflow_fuzzer.cc |
| OpenCV | #21851 | bof | |
| libaom | CVE-2021-30473 | free | |
| libaom | CVE-2021-30474 | bof | |
| libaom | CVE-2021-30475 | nullchk | |
| uriparser | CVE-2021-46141 | nullchk | |
| uriparser | CVE-2021-46142 | nullchk | |
| assimp | #4105 | loop | |
| assimp | #4254 | nullchk | |
| assimp | #4273 | nullchk | |
| assimp | #4274 | nullchk | |
| assimp | #4275 | nullchk | |
| assimp | #4280 | nullchk | |
| assimp | #4281 | nullchk | |
| assimp | #4294 | nullchk | |
| assimp | #4295 | nullchk | |
| assimp | #4296 | free | |
| assimp | #4297 | free | |
| assimp | #4298 | free | |
| assimp | #4299 | free | |
| assimp | #4300 | free | |
| assimp | #4301 | free | |
| assimp | #4302 | free | |
| assimp | #4303 | free | |
| assimp | #4304 | free | |
| assimp | #4305 | free | |
| assimp | #4306 | free | |
| assimp | #4307 | nullchk | |
| assimp | #4308 | nullchk | |
| assimp | #4309 | nullchk | |
| assimp | #4310 | nullchk | |
| libaom | #3187 | arith | |
| libaom | #3188 | bof | |
| libaom | #3190 | nullchk | |
| libaom | #3191 | nullchk | |
| libaom | #3192 | nullchk | |
| libaom | #3195 | bof | |
| libaom | #3197 | nullchk | |
| libaom | #3206 | arith | |
| libaom | #3215 | bof | |
| libaom | #3216 | nullchk | |
| libaom | #3217 | nullchk | |
| libaom | #3218 | nullchk | |
| libaom | #3220 | bof | |
| libaom | #3221 | bof | |
| libwebsockets | #2687 | segfault | lws_upng_inflate_fuzzer.cpp |
| libhtp | #342 | segfault | |
| libhtp | #343 | segfault | |
| libphonenumber | #201466814 | nullchk | |
| libphonenumber | #201470539 | segfault | |
| libvpx | #1742 | arith | |
| libvpx | #1722 | free | |
| tesseract | #3583 | bof | |
| tesseract | #3584 | bof | |
| tesseract | #3586 | segfault | |
| tesseract | #3694 | arith | |
| vowpal-wabbit | #3542 | arith | |
| vowpal-wabbit | #3543 | arith | |
| wabt | #1793 | segfault | |
| wabt | #1794 | oom | |
| aosp/audio_utils | #206677585 | arith | |
| tizen/libtbm | #254382 | nullchk | |
| tizen/yaca | #255163 | oor | |
| tizen/privilege-info | #255010 | nullchk | |
| tizen/libmm-fileinfo | #255012 | bof | |
| tizen/alarm-manager | #255345 | nullchk | |
| tizen/context | #255046 | other | |
| tizen/context | #256732 | free | |
| tizen/mediatool | #257660 | bof | |
| tizen/pkgmgr-info | #257518 | nullchk | |
| tizen/system-settings | #258170 | nullchk | |
| tizen/mime-type | #262491 | other | |
| tizen/sensor | #262766 | nullchk | |
| OpenCSD | #49 | bof | |
| OpenCSD | #50 | bof | |
| OpenCSD | #51 | bof | |

Description of categories:

  • arith: Arithmetic error (e.g., overflows, divide-by-zero)
  • nullchk: Missing nullptr check
  • loop: Infinite loop
  • oom: Out of memory
  • oor: Out of range read
  • oow: Out of range write
  • segfault: Program segfaulted
  • free: Free memory that is not located on the heap
  • type: Wrong type conversion of size
  • bof: Buffer overflow
  • uaf: Use after free
  • other: Anything that does not fit in another category, or unclear what the problem is